︙ | | | ︙ | |
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
|
authcid = nil;
[old release];
}
- (OFDataArray*)initialMessage
{
OFDataArray *ret = [OFDataArray dataArrayWithItemSize: 1];
/* New authentication attempt, reset status */
[cNonce release];
cNonce = nil;
[GS2Header release];
GS2Header = nil;
[serverSignature release];
|
|
|
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
|
authcid = nil;
[old release];
}
- (OFDataArray*)initialMessage
{
OFDataArray *ret = [OFDataArray dataArray];
/* New authentication attempt, reset status */
[cNonce release];
cNonce = nil;
[GS2Header release];
GS2Header = nil;
[serverSignature release];
|
︙ | | | ︙ | |
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
|
enum {
GOT_SNONCE = 0x01,
GOT_SALT = 0x02,
GOT_ITERCOUNT = 0x04
} got = 0;
hash = [[[hashType alloc] init] autorelease];
ret = [OFDataArray dataArrayWithItemSize: 1];
authMessage = [OFDataArray dataArrayWithItemSize: 1];
OFString *chal = [OFString stringWithUTF8String: [data cArray]
length: [data count] *
[data itemSize]];
enumerator =
[[chal componentsSeparatedByString: @","] objectEnumerator];
|
|
|
|
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
|
enum {
GOT_SNONCE = 0x01,
GOT_SALT = 0x02,
GOT_ITERCOUNT = 0x04
} got = 0;
hash = [[[hashType alloc] init] autorelease];
ret = [OFDataArray dataArray];
authMessage = [OFDataArray dataArray];
OFString *chal = [OFString stringWithUTF8String: [data cArray]
length: [data count] *
[data itemSize]];
enumerator =
[[chal componentsSeparatedByString: @","] objectEnumerator];
|
︙ | | | ︙ | |
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
|
}
}
if (got != (GOT_SNONCE | GOT_SALT | GOT_ITERCOUNT))
@throw [OFInvalidServerReplyException exceptionWithClass: isa];
// Add c=<base64(GS2Header+channelBindingData)>
tmpArray = [OFDataArray dataArrayWithItemSize: 1];
[tmpArray addNItems: [GS2Header UTF8StringLength]
fromCArray: [GS2Header UTF8String]];
if (plusAvailable && [connection encrypted]) {
OFDataArray *channelBinding = [((SSLSocket*)[connection socket])
channelBindingDataWithType: @"tls-unique"];
[tmpArray addNItems: [channelBinding count]
fromCArray: [channelBinding cArray]];
|
|
|
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
|
}
}
if (got != (GOT_SNONCE | GOT_SALT | GOT_ITERCOUNT))
@throw [OFInvalidServerReplyException exceptionWithClass: isa];
// Add c=<base64(GS2Header+channelBindingData)>
tmpArray = [OFDataArray dataArray];
[tmpArray addNItems: [GS2Header UTF8StringLength]
fromCArray: [GS2Header UTF8String]];
if (plusAvailable && [connection encrypted]) {
OFDataArray *channelBinding = [((SSLSocket*)[connection socket])
channelBindingDataWithType: @"tls-unique"];
[tmpArray addNItems: [channelBinding count]
fromCArray: [channelBinding cArray]];
|
︙ | | | ︙ | |
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
|
[ret addNItems: [sNonce UTF8StringLength]
fromCArray: [sNonce UTF8String]];
/*
* IETF RFC 5802:
* SaltedPassword := Hi(Normalize(password), salt, i)
*/
tmpArray = [OFDataArray dataArrayWithItemSize: 1];
[tmpArray addNItems: [password UTF8StringLength]
fromCArray: [password UTF8String]];
saltedPassword = [self XMPP_hiWithData: tmpArray
salt: salt
iterationCount: iterCount];
|
|
|
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
|
[ret addNItems: [sNonce UTF8StringLength]
fromCArray: [sNonce UTF8String]];
/*
* IETF RFC 5802:
* SaltedPassword := Hi(Normalize(password), salt, i)
*/
tmpArray = [OFDataArray dataArray];
[tmpArray addNItems: [password UTF8StringLength]
fromCArray: [password UTF8String]];
saltedPassword = [self XMPP_hiWithData: tmpArray
salt: salt
iterationCount: iterCount];
|
︙ | | | ︙ | |
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
|
[authMessage addNItems: [ret count]
fromCArray: [ret cArray]];
/*
* IETF RFC 5802:
* ClientKey := HMAC(SaltedPassword, "Client Key")
*/
tmpArray = [OFDataArray dataArrayWithItemSize: 1];
[tmpArray addNItems: 10
fromCArray: "Client Key"];
clientKey = [self XMPP_HMACWithKey: saltedPassword
data: tmpArray];
/*
* IETF RFC 5802:
* StoredKey := H(ClientKey)
*/
[hash updateWithBuffer: (void*) clientKey
length: [hashType digestSize]];
tmpArray = [OFDataArray dataArrayWithItemSize: 1];
[tmpArray addNItems: [hashType digestSize]
fromCArray: [hash digest]];
/*
* IETF RFC 5802:
* ClientSignature := HMAC(StoredKey, AuthMessage)
*/
clientSignature = [self XMPP_HMACWithKey: tmpArray
data: authMessage];
/*
* IETF RFC 5802:
* ServerKey := HMAC(SaltedPassword, "Server Key")
*/
tmpArray = [OFDataArray dataArrayWithItemSize: 1];
[tmpArray addNItems: 10
fromCArray: "Server Key"];
serverKey = [self XMPP_HMACWithKey: saltedPassword
data: tmpArray];
/*
* IETF RFC 5802:
* ServerSignature := HMAC(ServerKey, AuthMessage)
*/
tmpArray = [OFDataArray dataArrayWithItemSize: 1];
[tmpArray addNItems: [hashType digestSize]
fromCArray: serverKey];
serverSignature = [[OFDataArray alloc] initWithItemSize: 1];
[serverSignature addNItems: [hashType digestSize]
fromCArray: [self XMPP_HMACWithKey: tmpArray
data: authMessage]];
/*
* IETF RFC 5802:
* ClientProof := ClientKey XOR ClientSignature
*/
tmpArray = [OFDataArray dataArrayWithItemSize: 1];
for (i = 0; i < [hashType digestSize]; i++) {
uint8_t c = clientKey[i] ^ clientSignature[i];
[tmpArray addItem: &c];
}
// Add p=<base64(ClientProof)>
[ret addItem: ","];
|
|
|
|
|
|
|
|
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
|
[authMessage addNItems: [ret count]
fromCArray: [ret cArray]];
/*
* IETF RFC 5802:
* ClientKey := HMAC(SaltedPassword, "Client Key")
*/
tmpArray = [OFDataArray dataArray];
[tmpArray addNItems: 10
fromCArray: "Client Key"];
clientKey = [self XMPP_HMACWithKey: saltedPassword
data: tmpArray];
/*
* IETF RFC 5802:
* StoredKey := H(ClientKey)
*/
[hash updateWithBuffer: (void*) clientKey
length: [hashType digestSize]];
tmpArray = [OFDataArray dataArray];
[tmpArray addNItems: [hashType digestSize]
fromCArray: [hash digest]];
/*
* IETF RFC 5802:
* ClientSignature := HMAC(StoredKey, AuthMessage)
*/
clientSignature = [self XMPP_HMACWithKey: tmpArray
data: authMessage];
/*
* IETF RFC 5802:
* ServerKey := HMAC(SaltedPassword, "Server Key")
*/
tmpArray = [OFDataArray dataArray];
[tmpArray addNItems: 10
fromCArray: "Server Key"];
serverKey = [self XMPP_HMACWithKey: saltedPassword
data: tmpArray];
/*
* IETF RFC 5802:
* ServerSignature := HMAC(ServerKey, AuthMessage)
*/
tmpArray = [OFDataArray dataArray];
[tmpArray addNItems: [hashType digestSize]
fromCArray: serverKey];
serverSignature = [[OFDataArray alloc] init];
[serverSignature addNItems: [hashType digestSize]
fromCArray: [self XMPP_HMACWithKey: tmpArray
data: authMessage]];
/*
* IETF RFC 5802:
* ClientProof := ClientKey XOR ClientSignature
*/
tmpArray = [OFDataArray dataArray];
for (i = 0; i < [hashType digestSize]; i++) {
uint8_t c = clientKey[i] ^ clientSignature[i];
[tmpArray addItem: &c];
}
// Add p=<base64(ClientProof)>
[ret addItem: ","];
|
︙ | | | ︙ | |
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
|
length: 64];
}
- (uint8_t*)XMPP_HMACWithKey: (OFDataArray*)key
data: (OFDataArray*)data
{
OFAutoreleasePool *pool = [[OFAutoreleasePool alloc] init];
OFDataArray *k = [OFDataArray dataArrayWithItemSize: 1];
size_t i, kSize, blockSize = [hashType blockSize];
uint8_t *kI = NULL, *kO = NULL;
OFHash *hashI, *hashO;
if ([key itemSize] * [key count] > blockSize) {
hashI = [[[hashType alloc] init] autorelease];
[hashI updateWithBuffer: [key cArray]
|
|
|
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
|
length: 64];
}
- (uint8_t*)XMPP_HMACWithKey: (OFDataArray*)key
data: (OFDataArray*)data
{
OFAutoreleasePool *pool = [[OFAutoreleasePool alloc] init];
OFDataArray *k = [OFDataArray dataArray];
size_t i, kSize, blockSize = [hashType blockSize];
uint8_t *kI = NULL, *kO = NULL;
OFHash *hashI, *hashO;
if ([key itemSize] * [key count] > blockSize) {
hashI = [[[hashType alloc] init] autorelease];
[hashI updateWithBuffer: [key cArray]
|
︙ | | | ︙ | |
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
|
uOld = [self XMPP_HMACWithKey: str
data: salty];
for (j = 0; j < digestSize; j++)
result[j] ^= uOld[j];
for (j = 0; j < i - 1; j++) {
tmp = [OFDataArray dataArrayWithItemSize: 1];
[tmp addNItems: digestSize
fromCArray: uOld];
u = [self XMPP_HMACWithKey: str
data: tmp];
for (k = 0; k < digestSize; k++)
result[k] ^= u[k];
uOld = u;
[pool releaseObjects];
}
ret = [OFDataArray dataArrayWithItemSize: 1];
[ret addNItems: digestSize
fromCArray: result];
} @finally {
[self freeMemory: result];
}
[ret retain];
[pool release];
return [ret autorelease];
}
@end
|
|
|
|
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
|
uOld = [self XMPP_HMACWithKey: str
data: salty];
for (j = 0; j < digestSize; j++)
result[j] ^= uOld[j];
for (j = 0; j < i - 1; j++) {
tmp = [OFDataArray dataArray];
[tmp addNItems: digestSize
fromCArray: uOld];
u = [self XMPP_HMACWithKey: str
data: tmp];
for (k = 0; k < digestSize; k++)
result[k] ^= u[k];
uOld = u;
[pool releaseObjects];
}
ret = [OFDataArray dataArray];
[ret addNItems: digestSize
fromCArray: result];
} @finally {
[self freeMemory: result];
}
[ret retain];
[pool release];
return [ret autorelease];
}
@end
|